Vulnerabilities > DKD > Direct Mail > 5.2.3

DATE CVE VULNERABILITY TITLE RISK
2020-05-13 CVE-2020-12700 Missing Authorization vulnerability in DKD Direct Mail
The direct_mail extension through 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query.
network
low complexity
dkd CWE-862
4.3
4.3
2020-05-13 CVE-2020-12699 Open Redirect vulnerability in DKD Direct Mail
The direct_mail extension through 5.2.3 for TYPO3 has an Open Redirect via jumpUrl.
network
low complexity
dkd CWE-601
6.1
6.1
2020-05-13 CVE-2020-12698 Missing Authorization vulnerability in DKD Direct Mail
The direct_mail extension through 5.2.3 for TYPO3 has Broken Access Control for newsletter subscriber tables.
network
low complexity
dkd CWE-862
4.3
4.3
2020-05-13 CVE-2020-12697 Allocation of Resources Without Limits or Throttling vulnerability in DKD Direct Mail
The direct_mail extension through 5.2.3 for TYPO3 allows Denial of Service via log entries.
network
low complexity
dkd CWE-770
5.3
5.3